CVE-2020-12406
CVSS v3.1
8.8 (High)
CVSS v2.0
9.3 (High)
EPSS
0.31 % (70th)
Affected Products
4
Advisories
32
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Weaknesses
- CWE-345
- Insufficient Verification of Data Authenticity
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-07-09 15:15:11
(4 years ago) - Updated Date
-
2023-01-27 16:48:38
(19 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...